VYPR

e-management

by E Solutions

CVEs (2)

  • CVE-2025-3022CriMar 31, 2025
    risk 0.61cvss epss 0.01

    Os command injection vulnerability in e-solutions e-management. This vulnerability allows an attacker to execute arbitrary commands on the server via the ‘client’ parameter in the /data/apache/e-management/api/api3.php endpoint.

  • CVE-2025-3021HigMar 31, 2025
    risk 0.57cvss epss 0.00

    Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the ‘file’ parameter in the /downloadReport.php endpoint.